Date: Thu, 28 Oct 2004 20:07:21 -0500
From: parker@citynetwireless.net
To: linux-kernel@vger.kernel.org
Subject: ICMP ttl-exceeded packets not sourced correctly
Message-ID: <20041029010721.GA25817@core.citynetwireless.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.28i
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1208
Lines: 25

I think there's a problem with the ICMP code...

Say you have a router, and it's multihomed to two different isp's,
say cogentco.com and qwest.net as your upstreams.
On your cogent interface, you have the ip address on the /30 assigned by cogent,
with reverse dns being blahblah.demarc.cogentco.com on the qwest interface.
Same story with qwest, with reverse dns being whatever.qwest.net.
Now let's say someone out on the internet with ip address of 1.1.1.1 runs
a traceroute into your network and his incoming path to your network comes over qwest.
Your router's hop should source its ICMP ttl-exceeded code (the traceroute hop) on
its qwest /30 ip address, because thats where the traceroute got triggered.
ICMP ttl-exceeded code's response should not be originated from the interface
holding the route, but should be origianted from the interface that got hit
with the traceroute.

-- 
Bubba Parker
Systems Administrator
CityNet LLC
http://www.citynetinfo.com/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/